SpyShelter 10

Discussion in 'other anti-malware software' started by Mops21, Jul 30, 2015.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    15,224
    Location:
    The Netherlands
    Correct, I have been asking for a better logging system for years, but to no avail.
     
  2. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,124
    Location:
    Location Unknown
    You assume I didn't' read the manual. I did. There was no answer as to why things were being blocked yet there was nothing in the log that indicated why. There was nothing in the manual that suggested what I should go when SBIE was not functioning correctly when it had execution permissions. There was nothing in the manual that said why restricted applications couldn't print, when we have seen here that they can. None of these questions were answered in the knowledgebase either. In fact SSF support had no answers either, other than "accept that fact." Why complain, because after reading the documentation (which was no help), and asking support all I got was unhelpful,, needlessly rude feedback.
     
  3. Schorg

    Schorg Guest

    How are you going with SpyShelter Firewall, is it still working as expected?
     
  4. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    does not appear to install while in shadow mode. does this installer check to see if it in run in a virtual environment?
     
  5. Schorg

    Schorg Guest

    Sorry never tried to install SpyShelter in Shadow Defender, but I know it will not be successfully because it requires a reboot in order to finish the installation.
     
  6. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,124
    Location:
    Location Unknown
    If software could be installed in Shadow/virtual mode wouldn't that then defeat the point of the virtual software? I have Shadow Defender and SpywareShelter Firewall functioning; I just installed Shadow Defender last.

    Schorg - I haven't had time yet to really thoroughly test it. I will most likely be doing that tonight. However, preliminarily, I can say I've very optimistic because there have not been any issues at all yet. I'll keep ya posted.
     
  7. Schorg

    Schorg Guest

    Ok, thanks:)
     
  8. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,124
    Location:
    Location Unknown
    Everything seems to be working fine. Printing now works from restricted applications. I wish I could tell you why. There was nothing in the log to indicate why it didn't work before, and even SSF support didn't know why. They just hid behind a generic answer. I did have to reset my ruleset. But it works now. I am not going to use SBIE, because there's no need now that I can print from restricted apps.

    I think I'm going to pair it with Shadow Defender.
     
  9. Schorg

    Schorg Guest

    Glad that everything is working ok now, very strange why this happened maybe SpyShelter Firewall became corrupt in some way or unknown bug?. I have tried to reproduce, but when you restrict an app the general rules do not have any effect as the restricted apps (internal rules) over ride the general rules. The only rules which can override these restricted apps rules and I believe very importantly that they should do are <all components> (deny rules) as far as I can tell. Also forgot to mention that action 53 execution of an application only has an effect for the execution of the app which is restricted.

    Yes I agree SpyShelter Firewall and Shadow Defender are a good combo.
     
  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    15,224
    Location:
    The Netherlands
    BTW, which apps are you running restricted, and why not use SBIE for sandboxing those apps?
     
  11. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,124
    Location:
    Location Unknown
    I can. It's just that I don't feel the need. Why add another app when restriction abilities are in SSF. I have a lifetime license for SBIE, but with SSF, Shadow Defender, and Zemana Premium there's no need.

    upload_2017-2-5_21-6-27.png
     
  12. guest

    guest Guest

    Indeed, it is obvious that anything installed/created on the protected partition (C: by default) while in Shadow Mode, won't be kept, because SD at each reboot negate all actions done; installation and created files (unless the file/folder is excluded which defeat SD purpose...)
     
  13. Schorg

    Schorg Guest

    Yes, agreed. I thought as boredog is a user of Shadow Defender he would be aware of this, but might not be aware that the installation of SpyShelter requires a reboot to complete sucessfully and thus futile to even attempt installation in Shadow Defender's "Shadow Mode". Maybe boredog could use a VM or something like Rollback RX for trying out different security apps.
     
    Last edited by a moderator: Feb 6, 2017
  14. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I don't worry about that when trying stuff. That is the advantage of Macrium's speed. Quick image before and quick restore if I don't like it.
     
  15. Schorg

    Schorg Guest

    I use Oracle's Virtualbox, but using Macrium Reflect in that way sounds interesting. I have Macrium Relect on my systems's (Paid) I shall give it a go. Thank you for the tip.
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    15,224
    Location:
    The Netherlands
    OK, I see. I didn't know you wasn't using SBIE anymore. The reason I asked is because SBIE is way more advanced and secure when it comes to sandboxing.
     
  17. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,124
    Location:
    Location Unknown
    That's true. But I like the combo of SSF w/restricted apps + Shadow Defender >>> SBIE + SSF w/o restricted apps + Shadow Defender. The latter is redundant.
     
  18. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    15,224
    Location:
    The Netherlands
    I forgot to ask if all of your restricted apps are working correctly. The thing is, because of SBIE's virtualization, you don't have to worry about which folders are accessible. That's the reason why I never liked the SS sandbox, it should be redesigned.
     
  19. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,124
    Location:
    Location Unknown
    Yeah, I think everything is working correctly. I'm sure there are errors in the SSF log, but I haven't noticed anything I cannot do once I recreated my config. Also, be aware that with SSF you can also restrict folders.
     
  20. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,124
    Location:
    Location Unknown
    Actually, I take that back. I just noticed that a few of my firefox extensions are not working, nor is the ability to customize the firefox toolbars when it's restricted. There were no such issues in SBIE.
     
  21. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    15,224
    Location:
    The Netherlands
    That's exactly what I mean, I don't see the point of restricting write access to almost all folders, it will only cause annoyance. I think the sandbox should be focused on auto-blocking suspicious behavior of restricted apps.
     
  22. Tried the discontinued free version again, but it keeps forgetting the rules I add manually. Anyone know a solution for this (besides buying a license, because paid version still works).
     
  23. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,250
    I believe the value to disable CMD should be set to 1. (disabled) Value of 0 would be enabled and CMD would run.
     
  24. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    42,809
    And for allowing of scripts/batch files, the value can be set to "2".
    0 = CMD enabled
    1 = CMD and scripts are disabled.
    2 = CMD disabled, scripts are allowed
     
  25. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    42,809
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.